One of the greatest advantages of ASP.NET MVC is that it provides a "Close to the Metal" programming experience and you have full control over the HTML. It aslo means that you should care about the vulnerabilities regards with your HTML. In webform, server controls would be automatically HTML-encoded their outputs. While developing ASP.NET MVC apllications, you should filter your HTML to avoid XSS attacks. Use the following HTML helper methods to avoid vulnerabilities in your ASP.NET MVC applications.